Hi guys just wanted to show off how we use the great OAuth system. It has all started with a post in our blog: http://www.injoit.com/blog/2009/02/20/an-idea-for-saving-game-scores-online-for-iphone-apps/ where I was thinking aloud on how to make a solution to store the high scores online (for our iPhone games). And then Chris has made his comment 'Sounds like you’re reinventing OAuth!'. So this is how I opened OAuth for myself and then decided indeed to use it as an authentication for our system.
Later we have decided to make the system open source and now it's in beta stage, but it's already installed in 4 iPhone games. It's fantastic how OAuth has resolved all our authentication problems and we didn't have to write it everything from scratch. The only thing I'm afraid of is I've just used it as is, picked the standard php +mysql implementation, made a few modifications and that's it. Still I'm far from understanding of all the aspects of how this thing works. The example was today when users of iCombat game started to update it to version 1.2 where our system has been implemented and suddenly it just stopped working. The funny thing was that the system still worked for other game so I couldn't believe the problem was with the server and was looking elsewhere. Then tried to get a request token with my testing web client and got this error: OAuth Verification Failed: Timestamp is out of sequence. Request rejected. Got 1246034104 last max is 1246119788 allowed skew is 600 Suddenly I realized that users playing the game have different time zones and therefore after I have tested it in Ukraine and my time was 8 p.m., the users from New York had no chance to add their scores until their local time will be the same (in 5 hours or so). So I didn't have a choice but to comment those lines in server where it checks the nonce/timestamp pair. Because if we make any alterations to the iPhone client, we would need to re-submit the game and it might take weeks for Apple testers to check and approve the new version. Everything is working now. So you can see we have started to use the system without deep understanding of how it works and possibly we are using it not in the best optimal way yet but we are learning and will be reading more and following this group for that. And here I wish to thank to Chris Messina and all the authors of the OAuth system and also everybody who participates and its development and discussions here. Also, if, by chance, you're a game developer or wish to help us with OAuth implementation, please feel free to visit our Google Code side where the iGetScores project is hosted. We've made both iPhone client and web server open source and free to download. Just launched it for beta testing and hope some developers will join us to develop and improve the system: http://code.google.com/p/igetscores/ best regards, Taras --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
